
98 int ossl_ec_GFp_simple_group_init(EC_GROUP *group)
100 group->field = BN_new();
101 group->a = BN_new();
102 group->b = BN_new();
103 if (group->field == NULL || group->a == NULL || group->b == NULL) {
104 BN_free(group->field);
105 BN_free(group->a);
106 BN_free(group->b);
109 group->a_is_minus3 = 0;
113 void ossl_ec_GFp_simple_group_finish(EC_GROUP *group)
115 BN_free(group->field);
116 BN_free(group->a);
117 BN_free(group->b);
120 void ossl_ec_GFp_simple_group_clear_finish(EC_GROUP *group)
122 BN_clear_free(group->field);
123 BN_clear_free(group->a);
124 BN_clear_free(group->b);
141 int ossl_ec_GFp_simple_group_set_curve(EC_GROUP *group,
156 ctx = new_ctx = BN_CTX_new_ex(group->libctx);
166 /* group->field */
167 if (!BN_copy(group->field, p))
169 BN_set_negative(group->field, 0);
171 /* group->a */
174 if (group->meth->field_encode) {
175 if (!group->meth->field_encode(group, group->a, tmp_a, ctx))
177 } else if (!BN_copy(group->a, tmp_a))
180 /* group->b */
181 if (!BN_nnmod(group->b, b, p, ctx))
183 if (group->meth->field_encode)
184 if (!group->meth->field_encode(group, group->b, group->b, ctx))
187 /* group->a_is_minus3 */
190 group->a_is_minus3 = (0 == BN_cmp(tmp_a, group->field));
200 int ossl_ec_GFp_simple_group_get_curve(const EC_GROUP *group, BIGNUM *p,
207 if (!BN_copy(p, group->field))
212 if (group->meth->field_decode) {
214 ctx = new_ctx = BN_CTX_new_ex(group->libctx);
219 if (!group->meth->field_decode(group, a, group->a, ctx))
223 if (!group->meth->field_decode(group, b, group->b, ctx))
228 if (!BN_copy(a, group->a))
232 if (!BN_copy(b, group->b))
245 int ossl_ec_GFp_simple_group_get_degree(const EC_GROUP *group)
247 return BN_num_bits(group->field);
250 int ossl_ec_GFp_simple_group_check_discriminant(const EC_GROUP *group,
255 const BIGNUM *p = group->field;
259 ctx = new_ctx = BN_CTX_new_ex(group->libctx);
274 if (group->meth->field_decode) {
275 if (!group->meth->field_decode(group, a, group->a, ctx))
277 if (!group->meth->field_decode(group, b, group->b, ctx))
280 if (!BN_copy(a, group->a))
282 if (!BN_copy(b, group->b))
367 int ossl_ec_GFp_simple_point_set_to_infinity(const EC_GROUP *group,
375 int ossl_ec_GFp_simple_set_Jprojective_coordinates_GFp(const EC_GROUP *group,
386 ctx = new_ctx = BN_CTX_new_ex(group->libctx);
392 if (!BN_nnmod(point->X, x, group->field, ctx))
394 if (group->meth->field_encode) {
395 if (!group->meth->field_encode(group, point->X, point->X, ctx))
401 if (!BN_nnmod(point->Y, y, group->field, ctx))
403 if (group->meth->field_encode) {
404 if (!group->meth->field_encode(group, point->Y, point->Y, ctx))
412 if (!BN_nnmod(point->Z, z, group->field, ctx))
415 if (group->meth->field_encode) {
416 if (Z_is_one && (group->meth->field_set_to_one != 0)) {
417 if (!group->meth->field_set_to_one(group, point->Z, ctx))
420 if (!group->
421 meth->field_encode(group, point->Z, point->Z, ctx))
435 int ossl_ec_GFp_simple_get_Jprojective_coordinates_GFp(const EC_GROUP *group,
443 if (group->meth->field_decode != 0) {
445 ctx = new_ctx = BN_CTX_new_ex(group->libctx);
451 if (!group->meth->field_decode(group, x, point->X, ctx))
455 if (!group->meth->field_decode(group, y, point->Y, ctx))
459 if (!group->meth->field_decode(group, z, point->Z, ctx))
484 int ossl_ec_GFp_simple_point_set_affine_coordinates(const EC_GROUP *group,
497 return EC_POINT_set_Jprojective_coordinates_GFp(group, point, x, y,
501 int ossl_ec_GFp_simple_point_get_affine_coordinates(const EC_GROUP *group,
511 if (EC_POINT_is_at_infinity(group, point)) {
517 ctx = new_ctx = BN_CTX_new_ex(group->libctx);
532 if (group->meth->field_decode) {
533 if (!group->meth->field_decode(group, Z, point->Z, ctx))
541 if (group->meth->field_decode) {
543 if (!group->meth->field_decode(group, x, point->X, ctx))
547 if (!group->meth->field_decode(group, y, point->Y, ctx))
561 if (!group->meth->field_inv(group, Z_1, Z_, ctx)) {
566 if (group->meth->field_encode == 0) {
568 if (!group->meth->field_sqr(group, Z_2, Z_1, ctx))
571 if (!BN_mod_sqr(Z_2, Z_1, group->field, ctx))
580 if (!group->meth->field_mul(group, x, point->X, Z_2, ctx))
585 if (group->meth->field_encode == 0) {
589 if (!group->meth->field_mul(group, Z_3, Z_2, Z_1, ctx))
592 if (!BN_mod_mul(Z_3, Z_2, Z_1, group->field, ctx))
600 if (!group->meth->field_mul(group, y, point->Y, Z_3, ctx))
613 int ossl_ec_GFp_simple_add(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a,
625 return EC_POINT_dbl(group, r, a, ctx);
626 if (EC_POINT_is_at_infinity(group, a))
628 if (EC_POINT_is_at_infinity(group, b))
631 field_mul = group->meth->field_mul;
632 field_sqr = group->meth->field_sqr;
633 p = group->field;
636 ctx = new_ctx = BN_CTX_new_ex(group->libctx);
667 if (!field_sqr(group, n0, b->Z, ctx))
669 if (!field_mul(group, n1, a->X, n0, ctx))
673 if (!field_mul(group, n0, n0, b->Z, ctx))
675 if (!field_mul(group, n2, a->Y, n0, ctx))
689 if (!field_sqr(group, n0, a->Z, ctx))
691 if (!field_mul(group, n3, b->X, n0, ctx))
695 if (!field_mul(group, n0, n0, a->Z, ctx))
697 if (!field_mul(group, n4, b->Y, n0, ctx))
714 ret = EC_POINT_dbl(group, r, a, ctx);
746 if (!field_mul(group, n0, a->Z, b->Z, ctx))
749 if (!field_mul(group, r->Z, n0, n5, ctx))
756 if (!field_sqr(group, n0, n6, ctx))
758 if (!field_sqr(group, n4, n5, ctx))
760 if (!field_mul(group, n3, n1, n4, ctx))
774 if (!field_mul(group, n0, n0, n6, ctx))
776 if (!field_mul(group, n5, n4, n5, ctx))
778 if (!field_mul(group, n1, n2, n5, ctx))
798 int ossl_ec_GFp_simple_dbl(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a,
809 if (EC_POINT_is_at_infinity(group, a)) {
815 field_mul = group->meth->field_mul;
816 field_sqr = group->meth->field_sqr;
817 p = group->field;
820 ctx = new_ctx = BN_CTX_new_ex(group->libctx);
841 if (!field_sqr(group, n0, a->X, ctx))
847 if (!BN_mod_add_quick(n1, n0, group->a, p))
850 } else if (group->a_is_minus3) {
851 if (!field_sqr(group, n1, a->Z, ctx))
857 if (!field_mul(group, n1, n0, n2, ctx))
868 if (!field_sqr(group, n0, a->X, ctx))
874 if (!field_sqr(group, n1, a->Z, ctx))
876 if (!field_sqr(group, n1, n1, ctx))
878 if (!field_mul(group, n1, n1, group->a, ctx))
890 if (!field_mul(group, n0, a->Y, a->Z, ctx))
899 if (!field_sqr(group, n3, a->Y, ctx))
901 if (!field_mul(group, n2, a->X, n3, ctx))
910 if (!field_sqr(group, r->X, n1, ctx))
917 if (!field_sqr(group, n0, n3, ctx))
926 if (!field_mul(group, n0, n1, n0, ctx))
940 int ossl_ec_GFp_simple_invert(const EC_GROUP *group, EC_POINT *point,
943 if (EC_POINT_is_at_infinity(group, point) || BN_is_zero(point->Y))
947 return BN_usub(point->Y, group->field, point->Y);
950 int ossl_ec_GFp_simple_is_at_infinity(const EC_GROUP *group,
956 int ossl_ec_GFp_simple_is_on_curve(const EC_GROUP *group, const EC_POINT *point,
967 if (EC_POINT_is_at_infinity(group, point))
970 field_mul = group->meth->field_mul;
971 field_sqr = group->meth->field_sqr;
972 p = group->field;
975 ctx = new_ctx = BN_CTX_new_ex(group->libctx);
999 if (!field_sqr(group, rh, point->X, ctx))
1003 if (!field_sqr(group, tmp, point->Z, ctx))
1005 if (!field_sqr(group, Z4, tmp, ctx))
1007 if (!field_mul(group, Z6, Z4, tmp, ctx))
1011 if (group->a_is_minus3) {
1018 if (!field_mul(group, rh, rh, point->X, ctx))
1021 if (!field_mul(group, tmp, Z4, group->a, ctx))
1025 if (!field_mul(group, rh, rh, point->X, ctx))
1030 if (!field_mul(group, tmp, group->b, Z6, ctx))
1038 if (!BN_mod_add_quick(rh, rh, group->a, p))
1040 if (!field_mul(group, rh, rh, point->X, ctx))
1043 if (!BN_mod_add_quick(rh, rh, group->b, p))
1048 if (!field_sqr(group, tmp, point->Y, ctx))
1059 int ossl_ec_GFp_simple_cmp(const EC_GROUP *group, const EC_POINT *a,
1077 if (EC_POINT_is_at_infinity(group, a)) {
1078 return EC_POINT_is_at_infinity(group, b) ? 0 : 1;
1081 if (EC_POINT_is_at_infinity(group, b))
1088 field_mul = group->meth->field_mul;
1089 field_sqr = group->meth->field_sqr;
1092 ctx = new_ctx = BN_CTX_new_ex(group->libctx);
1113 if (!field_sqr(group, Zb23, b->Z, ctx))
1115 if (!field_mul(group, tmp1, a->X, Zb23, ctx))
1121 if (!field_sqr(group, Za23, a->Z, ctx))
1123 if (!field_mul(group, tmp2, b->X, Za23, ctx))
1136 if (!field_mul(group, Zb23, Zb23, b->Z, ctx))
1138 if (!field_mul(group, tmp1, a->Y, Zb23, ctx))
1144 if (!field_mul(group, Za23, Za23, a->Z, ctx))
1146 if (!field_mul(group, tmp2, b->Y, Za23, ctx))
1167 int ossl_ec_GFp_simple_make_affine(const EC_GROUP *group, EC_POINT *point,
1174 if (point->Z_is_one || EC_POINT_is_at_infinity(group, point))
1178 ctx = new_ctx = BN_CTX_new_ex(group->libctx);
1189 if (!EC_POINT_get_affine_coordinates(group, point, x, y, ctx))
1191 if (!EC_POINT_set_affine_coordinates(group, point, x, y, ctx))
1206 int ossl_ec_GFp_simple_points_make_affine(const EC_GROUP *group, size_t num,
1219 ctx = new_ctx = BN_CTX_new_ex(group->libctx);
1248 if (group->meth->field_set_to_one != 0) {
1249 if (!group->meth->field_set_to_one(group, prod_Z[0], ctx))
1259 if (!group->
1260 meth->field_mul(group, prod_Z[i], prod_Z[i - 1], points[i]->Z,
1274 if (!group->meth->field_inv(group, tmp, prod_Z[num - 1], ctx)) {
1278 if (group->meth->field_encode != 0) {
1284 if (!group->meth->field_encode(group, tmp, tmp, ctx))
1286 if (!group->meth->field_encode(group, tmp, tmp, ctx))
1300 if (!group->
1301 meth->field_mul(group, tmp_Z, prod_Z[i - 1], tmp, ctx))
1306 if (!group->meth->field_mul(group, tmp, tmp, points[i]->Z, ctx))
1328 if (!group->meth->field_sqr(group, tmp, p->Z, ctx))
1330 if (!group->meth->field_mul(group, p->X, p->X, tmp, ctx))
1333 if (!group->meth->field_mul(group, tmp, tmp, p->Z, ctx))
1335 if (!group->meth->field_mul(group, p->Y, p->Y, tmp, ctx))
1338 if (group->meth->field_set_to_one != 0) {
1339 if (!group->meth->field_set_to_one(group, p->Z, ctx))
1365 int ossl_ec_GFp_simple_field_mul(const EC_GROUP *group, BIGNUM *r, const BIGNUM *a,
1368 return BN_mod_mul(r, a, b, group->field, ctx);
1371 int ossl_ec_GFp_simple_field_sqr(const EC_GROUP *group, BIGNUM *r, const BIGNUM *a,
1374 return BN_mod_sqr(r, a, group->field, ctx);
1383 int ossl_ec_GFp_simple_field_inv(const EC_GROUP *group, BIGNUM *r,
1391 && (ctx = new_ctx = BN_CTX_secure_new_ex(group->libctx)) == NULL)
1399 if (!BN_priv_rand_range_ex(e, group->field, 0, ctx))
1404 if (!group->meth->field_mul(group, r, a, e, ctx))
1407 if (!BN_mod_inverse(r, r, group->field, ctx)) {
1412 if (!group->meth->field_mul(group, r, r, e, ctx))
1427 * lambda = [1,group->field)
1430 int ossl_ec_GFp_simple_blind_coordinates(const EC_GROUP *group, EC_POINT *p,
1452 ret = BN_priv_rand_range_ex(lambda, group->field, 0, ctx);
1461 if ((group->meth->field_encode != NULL
1462 && !group->meth->field_encode(group, lambda, lambda, ctx))
1463 || !group->meth->field_mul(group, p->Z, p->Z, lambda, ctx)
1464 || !group->meth->field_sqr(group, temp, lambda, ctx)
1465 || !group->meth->field_mul(group, p->X, p->X, temp, ctx)
1466 || !group->meth->field_mul(group, temp, temp, lambda, ctx)
1467 || !group->meth->field_mul(group, p->Y, p->Y, temp, ctx))
1493 int ossl_ec_GFp_simple_ladder_pre(const EC_GROUP *group,
1506 || !group->meth->field_sqr(group, t3, p->X, ctx)
1507 || !BN_mod_sub_quick(t4, t3, group->a, group->field)
1508 || !group->meth->field_sqr(group, t4, t4, ctx)
1509 || !group->meth->field_mul(group, t5, p->X, group->b, ctx)
1510 || !BN_mod_lshift_quick(t5, t5, 3, group->field)
1512 || !BN_mod_sub_quick(r->X, t4, t5, group->field)
1513 || !BN_mod_add_quick(t1, t3, group->a, group->field)
1514 || !group->meth->field_mul(group, t2, p->X, t1, ctx)
1515 || !BN_mod_add_quick(t2, group->b, t2, group->field)
1517 || !BN_mod_lshift_quick(r->Z, t2, 2, group->field))
1522 if (!BN_priv_rand_range_ex(r->Y, group->field, 0, ctx))
1528 if (!BN_priv_rand_range_ex(s->Z, group->field, 0, ctx))
1533 if (group->meth->field_encode != NULL
1534 && (!group->meth->field_encode(group, r->Y, r->Y, ctx)
1535 || !group->meth->field_encode(group, s->Z, s->Z, ctx)))
1539 if (!group->meth->field_mul(group, r->Z, r->Z, r->Y, ctx)
1540 || !group->meth->field_mul(group, r->X, r->X, r->Y, ctx)
1541 || !group->meth->field_mul(group, s->X, p->X, s->Z, ctx)) /* s := p */
1563 int ossl_ec_GFp_simple_ladder_step(const EC_GROUP *group,
1580 || !group->meth->field_mul(group, t6, r->X, s->X, ctx)
1581 || !group->meth->field_mul(group, t0, r->Z, s->Z, ctx)
1582 || !group->meth->field_mul(group, t4, r->X, s->Z, ctx)
1583 || !group->meth->field_mul(group, t3, r->Z, s->X, ctx)
1584 || !group->meth->field_mul(group, t5, group->a, t0, ctx)
1585 || !BN_mod_add_quick(t5, t6, t5, group->field)
1586 || !BN_mod_add_quick(t6, t3, t4, group->field)
1587 || !group->meth->field_mul(group, t5, t6, t5, ctx)
1588 || !group->meth->field_sqr(group, t0, t0, ctx)
1589 || !BN_mod_lshift_quick(t2, group->b, 2, group->field)
1590 || !group->meth->field_mul(group, t0, t2, t0, ctx)
1591 || !BN_mod_lshift1_quick(t5, t5, group->field)
1592 || !BN_mod_sub_quick(t3, t4, t3, group->field)
1594 || !group->meth->field_sqr(group, s->Z, t3, ctx)
1595 || !group->meth->field_mul(group, t4, s->Z, p->X, ctx)
1596 || !BN_mod_add_quick(t0, t0, t5, group->field)
1598 || !BN_mod_sub_quick(s->X, t0, t4, group->field)
1599 || !group->meth->field_sqr(group, t4, r->X, ctx)
1600 || !group->meth->field_sqr(group, t5, r->Z, ctx)
1601 || !group->meth->field_mul(group, t6, t5, group->a, ctx)
1602 || !BN_mod_add_quick(t1, r->X, r->Z, group->field)
1603 || !group->meth->field_sqr(group, t1, t1, ctx)
1604 || !BN_mod_sub_quick(t1, t1, t4, group->field)
1605 || !BN_mod_sub_quick(t1, t1, t5, group->field)
1606 || !BN_mod_sub_quick(t3, t4, t6, group->field)
1607 || !group->meth->field_sqr(group, t3, t3, ctx)
1608 || !group->meth->field_mul(group, t0, t5, t1, ctx)
1609 || !group->meth->field_mul(group, t0, t2, t0, ctx)
1611 || !BN_mod_sub_quick(r->X, t3, t0, group->field)
1612 || !BN_mod_add_quick(t3, t4, t6, group->field)
1613 || !group->meth->field_sqr(group, t4, t5, ctx)
1614 || !group->meth->field_mul(group, t4, t4, t2, ctx)
1615 || !group->meth->field_mul(group, t1, t1, t3, ctx)
1616 || !BN_mod_lshift1_quick(t1, t1, group->field)
1618 || !BN_mod_add_quick(r->Z, t4, t1, group->field))
1651 int ossl_ec_GFp_simple_ladder_post(const EC_GROUP *group,
1659 return EC_POINT_set_to_infinity(group, r);
1663 || !EC_POINT_invert(group, r, ctx))
1678 || !BN_mod_lshift1_quick(t4, p->Y, group->field)
1679 || !group->meth->field_mul(group, t6, r->X, t4, ctx)
1680 || !group->meth->field_mul(group, t6, s->Z, t6, ctx)
1681 || !group->meth->field_mul(group, t5, r->Z, t6, ctx)
1682 || !BN_mod_lshift1_quick(t1, group->b, group->field)
1683 || !group->meth->field_mul(group, t1, s->Z, t1, ctx)
1684 || !group->meth->field_sqr(group, t3, r->Z, ctx)
1685 || !group->meth->field_mul(group, t2, t3, t1, ctx)
1686 || !group->meth->field_mul(group, t6, r->Z, group->a, ctx)
1687 || !group->meth->field_mul(group, t1, p->X, r->X, ctx)
1688 || !BN_mod_add_quick(t1, t1, t6, group->field)
1689 || !group->meth->field_mul(group, t1, s->Z, t1, ctx)
1690 || !group->meth->field_mul(group, t0, p->X, r->Z, ctx)
1691 || !BN_mod_add_quick(t6, r->X, t0, group->field)
1692 || !group->meth->field_mul(group, t6, t6, t1, ctx)
1693 || !BN_mod_add_quick(t6, t6, t2, group->field)
1694 || !BN_mod_sub_quick(t0, t0, r->X, group->field)
1695 || !group->meth->field_sqr(group, t0, t0, ctx)
1696 || !group->meth->field_mul(group, t0, t0, s->X, ctx)
1697 || !BN_mod_sub_quick(t0, t6, t0, group->field)
1698 || !group->meth->field_mul(group, t1, s->Z, t4, ctx)
1699 || !group->meth->field_mul(group, t1, t3, t1, ctx)
1700 || (group->meth->field_decode != NULL
1701 && !group->meth->field_decode(group, t1, t1, ctx))
1702 || !group->meth->field_inv(group, t1, t1, ctx)
1703 || (group->meth->field_encode != NULL
1704 && !group->meth->field_encode(group, t1, t1, ctx))
1705 || !group->meth->field_mul(group, r->X, t5, t1, ctx)
1706 || !group->meth->field_mul(group, r->Y, t0, t1, ctx))
1709 if (group->meth->field_set_to_one != NULL) {
1710 if (!group->meth->field_set_to_one(group, r->Z, ctx))